[英]CSRF Protection in a Flask Framework that uses Dash
這個問題建立在我之前關於破折號集成的問題之上。
當使用flask_wtf
模塊激活CSRF 時,如何集成Dash 模塊而不會因為缺少csrf 令牌而阻塞Dash 帖子?
from flask import Flask, request, render template
from flask_wtf.csrf import CSRFProtect
from dash import Dash
from dash.dependencies import Input, Output
app = Flask(__name__)
csrf = CSRFProtect(app)
app.config['SECRET_KEY'] = 'somethignrandom'
dapp = Dash(__name__, server=app, routes_pathname_prefix='/dash/')
dapp.layout = layoutfunction # this is left for your imagination
@app.route('/', methods=['GET','POST'])
def helloworld():
return render_template('index.html')
@app.route('/dash')
def dashing():
dapp.layout = layoutfunction
if __name__ == '__main__':
app.run(debug=True)
每當加載/dash
時,都會返回 404 錯誤。
來自: https : //github.com/plotly/dash/issues/308
添加以下行以從 csrf 令牌要求中豁免破折號:
from flask import Flask, request, render template
from flask_wtf.csrf import CSRFProtect
from dash import Dash
from dash.dependencies import Input, Output
app = Flask(__name__)
csrf = CSRFProtect(app)
app.config['SECRET_KEY'] = 'somethignrandom'
########## ADD THIS LINE
csrf._exempt_views.add('dash.dash.dispatch')
##########
dapp = Dash(__name__, server=app, routes_pathname_prefix='/dash/')
dapp.layout = layoutfunction # this is left for your imagination
@app.route('/', methods=['GET','POST'])
def helloworld():
return render_template('index.html')
@app.route('/dash')
def dashing():
dapp.layout = layoutfunction
if __name__ == '__main__':
app.run(debug=True)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.